1 Reply Latest reply on Sep 19, 2008 10:50 PM by 843844

    HttpSession getAttribute returns null at random

      Hi, I have a webapplication that uses the struts framework on Tomcat. All the action classes are controlled by a BaseAction class where I check for valid session. Upon successful validation, I set the httpsession attribute and validate the other actions against the session attribute.

      session.setAttribute(Constants.CUSTOMER_ID, customerID)
      where customer ID is the unique identifier for every user.

      On the BaseAction class, except for the login action, I check for the session attribute validity.

      String customerID= (String)httpSession.getAttribute(Constants.CUSTOMER_ID);                    
      if (customerID== null) {          
      List messages = new LinkedList();
      messages.add("You have either not logged in or you session has expired. Please log in to proceed.");          
      return mapping.findForward(Constants.FORWARD_LOGIN);

      If the customerID is null, it redirects the user to the login page stating his session is expired.

      On Tomcat /conf/web.xml, the session timeout is set to 30.

      Occassionally, i find strange behaviour such as immediately after login, when the user tries any action, he is logged out stating his session is expired and I could see the customerID is null.

      But when a new browser is opened, this problem does not occur for sometime but then another browser close is required. This happens at random.

      Also, most of my actions in struts.config config xml has scope ="request". Would that make a differenceif the scope ="session"?

      Any help is greatly appreciated.

      Edited by: javalearnerscreen on Aug 17, 2008 11:25 AM

      Edited by: javalearnerscreen on Aug 17, 2008 11:28 AM